LoanBase Looses 8 Bitcoin Due To Data Breach

Bitcoin lending platforms provide a viable alternative for entrepreneurs and companies looking to secure a tiny bit of extra money to cover certain expenses. The main goal of these services to provide loans to people all over the world, as Bitcoin is a universal form of transferring value. But some companies are being targeted by hackers, and Loanbase lost roughly 8 BTC in customer funds due to a breach.

LoanBase Breach Due To Lack of 2FA

The name LoanBase might ring a bell for most Bitcoin users as the company has been around for quite some time, albeit under a different name. Until a few months ago, this company was known under the name BitLendingClub, but the LoanBase rebranding gives the service a more professional appeal to users not versed in the world of Bitcoin and digital currency.

Late last night, Loanbase sent out an email to their users, informing them regarding a breach of the platform. Four different user accounts have been tampered with, and the expected loss of funds sits at eight Bitcoin. However, that number could be as high as 20 BTC once the internal investigation has been completed successfully.

All of these accounts have been subject to unauthorized access by an unknown party. None of these user accounts was protected by two-factor authentication, only requiring a login and password to access the details. Moreover, these four Loanbase accounts were accessed on February 6 in the morning, which leads to believe one party is responsible for this attack.

The assailants gained access to these details due to a vulnerability in the Loanbase WordPress platform, and the SQL database was not safe from harm either. It is expected the assailants managed to access sensitive personal information, including names and phone numbers.

However, the most important news is how Loanbase will reimburse all affected users who have lost funds. Furthermore, the website will remain offline until a full security investigation has been completed, and outstanding withdrawal requests will be cancelled. Once everything is back online, all users will need to update their password and 2FA settings, to ensure proper security in the future.

This new comes on the heels of popular gift card service provider Gyft announcing a similar breach of their own. During that attack, no customer funds were stolen according to preliminary reports. While these breaches are worrying, it also goes to show Bitcoin is attracting a lot of attention in these harsh financial times.

About The Author

JP Buntinx is a 30-year old FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he is working to achieve the same level of respect in the FinTech sector.